My neighbor used my IP address to send out emails. How does this work? Can I change my IP address? I have googled this topic and the answers are very confusing.

•

It all depends on how you think he got your IP address, and in fact whether it's really yours at all.

There's at least one common scenario where this does represent a true security risk, and we need to nail that down. But there are also scenarios where it's not really an issue in your control.

•

If your neighbor is truly using your IP address, that implies he's connected to your network. That's a bad thing, unless you trust him and have explicitly allowed him to do so. I'm guessing from your question that's not the case.

By far the most common reason for this is simply that you have an "open wireless hotspot":

you have a wireless router or access point

the wireless connection is not password protected

your neighbor is in range of your wireless, and is using it

It's important to note that your neighbor could be completely unaware - it can happen accidentally or if he's not paying attention to what he's connecting to. I would not assume malicious intent on his part, unless you have additional information that says otherwise.

The fix is very simple: password protect the wireless connection. Configure the wireless router or access point to use WPA which then requires a password to be able to connect to the wireless network. Of course don't tell your neighbor that password.

No one except those you've authorized will be able to connect to your network.

As a bonus, your connections will be encrypted, and no one will be able to "sniff" them either, as is possible at most free wireless hotspots.

•

There are a few other reasons that he might appear to have sent email "from" your IP address.

You could have misread the email headers - your IP address, as the destination when you download your email, may well appear within it, in addition to the IP and email address that the mail was sent from.

You and your neighbor could have the same ISP, and both have "DHCP" assigned IP addresses - which can change. In fact, what's your IP address today could easily be your neighbor's IP address tomorrow.

The email might not be from your neighbor at all. Your machine could be infected with a spam-sending virus or bot, and it could be "spoofing" the from address so as to appear that it's being sent by your neighbor.

•

Can you change your IP address? Well, that too depends - this time on what kind of IP address you have.

If you've been assigned a static (unchanging) IP address, you'll need to contact your ISP and coordinate getting it changed with them.

If you have a dynamic IP address (DHCP, above), then you can try to change the address by simply unplugging your internet-connected modem and/or router, waiting a while, and plugging it back in again. This way it will ask for a new IP address. The problem here is that there's no way to force it to be different than whatever you had before - you may get the same IP address again. In fact, many ISPs explicitly try to give you the same IP address for "a while", even when you're not connected for a time, as it can be slightly more efficient for them.

Leo A. Notenboom has been playing with computers since he
was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed.
After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers
to common computer and technical questions. More about Leo.

Not what you needed?

You may also be interested in:

What is DHCP? DHCP is the protocol computers use to request and receive a "dynamic" IP address.

How do I secure my router? Your router is your first line defense against malicious attacks from the internet. But is your router secure? I'll review the important settings.

"...important to note that your neighbor could be completely unaware...".
Excellent point, Leo. You truly stand out in the advice sector. That little comment probably has 50% of your readers relaxing. Put down the AK47s and tomahawks, folks, most things done by newbies are unintentional.
Amazing how many folks immediately think the worse. I run into this most of the time. It is never their "fault" for not following protocol or just simple tried and proven good computing steps.

Goos advice, Leo. Kudos.

Weeble
July 20, 2009 5:27 AM

Awwwww, how did you know I was going to suggest putting a hatchet in the neighbor's computer? :-D

A question that came to me in the first place was "how did the guy know his neighbor had used his IP address?" It's not exactly displayed by default in any email program (local or webmail) I've heard of. And since I have DHCP, I generally don't know what my IP address is at any given time; I usually go to http://www.whatismyipaddress.com if I even need to know. (Hey, Leo! Another tip! "How to find out what your IP address is!")

If only I had an article on that already. Oh wait! I do! What's my IP address? (That search function is a wonderful thing.)

- Leo20-Jul-2009

PaulM
July 20, 2009 8:36 AM

Weeble - it's been done: http://ask-leo.com/whats_my_ip_address.html

Mark Jacobs
July 20, 2009 10:14 AM

It's not so good that in the US, routers are often configured with unsecured wireless access and it's up to the user to create an access key. My Fritzbox router in Germany is preconfigured with a unique key printed on the router. The number can be read by anyone who has access to the router, but until I know someone has compromised this key (detached the router and copied the number) I'll stick with it as my kids are often changing computers and in spite of the small risk, the convenience is worth it at the moment.

Ken B
July 20, 2009 3:27 PM

It still amazes me (though to a lesser degree) how many people simply plug in a wireless router and go. At the moment, my laptop sees three SSIDs of "linksys", all unsecured. Out of curiosity, I have on occasion, connected to one of them, brought 192.168.1.1 up in my browser, and logged into the administrator control panel using the out-of-the-box login and password. Good thing my morals prevent me from doing anything malicious.

Robert Pereda
July 21, 2009 8:47 AM

Another Point to Remember - Make sure you keep your Network Security password ID written down in a safe place in the even you forget it. Also, when setting up your encryption - make sure you do your homework first- as some older wireless cards may not be compitable with some of the newer encryption. If you like online games - check this out: [link removed]

Tom Clark
July 21, 2009 12:45 PM

If the neighbor is in fact sharing a wireless connection, and that connection is like my Linksys Wireless Router, the local router will get an IP address from the ISP and then assign a DHCP address to each unit on the local network. Commonly this is in the default range of 192.168.1.xxx. The 192.168.1.xxx range of IP addresses is "not routable" and will not be passed across the router to the outside world.

To the outside world (on the other side of the router from the local network) there is a single IP address assigned by the ISP to the router port directly connected to it. The router determines which local IP address is involved in the transaction and passes the traffic through to the appropriate hidden and non-routable local address. That is part of what routers do.

So from the outside world perspective, every unit served by the local router appears to be the same IP address that was provided by the ISP.

The result of all this is that anyone who sends an e-mail from the local network will appear to have sent from the same ISP assigned IP address that is assigned to the port on "world" side of the router and to be using the ISP assigned address. The 192.168.1.xxx IP addresses are not disclosed across the router to the outside world.

This is a probable answer as to why the addresses are the same.

The other comments about the neighbor's use of the same wireless network by design or ignorance are germane. Appropriate wireless connection security is the answer.

Gary Law
July 21, 2009 2:25 PM

Another good tip to stop a neighbor using your IP address, is to set up an access list on your router, that is of course assuming that your router supports this.
An access list will allow you to limit the devices that can access your network by specifying their MAC addresses.

It's fine to prevent accidental connections, but MAC address filtering is not secure. The MAC address can be spoofed, and it's sent in the clear even on an encrypted conneciton.

- Leo22-Jul-2009

Tony Huby
July 22, 2009 1:35 AM

I agree with Gary, I found the easiest way was to specifiy the MAC addresses in the router set-up. Most modern (last 5 years) routers seem to support this.

Samuel Fadeyi
July 22, 2009 9:10 AM

You still did not answer the question-how he knew his neighbor was using his IP address. I am curious to know that.

The questioner didn't say. My guess would be the most common: his IP address showed up in the headers of an email sent by the neighbor, but that's just a wild guess.

- Leo23-Jul-2009

Robert
July 22, 2009 9:34 PM

All of the comments are great and true.
Another way to secure your wireless is to Disable your SSID broadcast.
....Robert

This, too, may help prevent the accidental connection, but it is not "secure", in the sense that someone looking to sniff or purposely connect to your network still can.

- Leo23-Jul-2009

Ahamed Bauani
July 23, 2009 9:53 AM

You may be surprised to know that in my country many ISP (They call them ISP) provide IP address to customer directly from there switch/hub with more then /29 subnet! Also many customer in same subnet and there is no protection at all! yes this is true. If asker is in this scenario, I would suggest him/her to change that 'unsecured' ISP. I worked for my Government's Cyber Security Department for while and found it is very common practice among ISP's in my country. Bauani's Tech Blog

John Davis
July 25, 2009 12:48 AM

I filled a form with my phone number and house address.when connecting wireless.now anyone can look up my e-mail address and get my name,phone number and physical address.Is there anyway for me to erase,hide or change the information ?

No idea. It depends on exactly what form and what service you're talking about.

- Leo25-Jul-2009

snail
August 10, 2009 3:26 PM

if you know how many computers will connect to your network, can you restrict this number? Would such a restriction only be applicable, though, assuming all of your computers(full capacity of allowed connections) were filled and active at all times the network is active?
Also, a question about networks. I am connecting to the Internet using a wireless router which is connected to a cable modem. I have disabled file-sharing on my computers. Is this strictly a Wireless Internet Access point then? How can I tell if the computers which use this wireless access to the Internet are exposed or able to be explored by any other computers using this connection?

Bob Warriner
February 1, 2010 3:28 AM

My neighbour has an open system, when I (out of interest of course)I had a look at her router settings, I found my computer name under LAN clients, does that mean she would be able to access my computer?
Bob.

•

Comments on this entry are closed.

If you have a question, start by using the search box up at the
top of the page - there's a very good chance that
your question has already been answered on Ask Leo!.